<?php
/*
 * User handling
 */
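/**
 * Represents the visitor of the current request and handles login/logout.
 *
 * Relies on two globals that are defined outside this file:
 *  - $objSession:  array-accessible session store that also offers query()
 *  - $objDatabase: database wrapper whose query() takes a raw SQL string
 */
class User {
	const ADMIN = "admin";
	const USER = "user";

	// True once a user record has been loaded from the session or a login.
	public $blnLoggedIn = false;
	// Username of the authenticated user, null while anonymous.
	public $strName = null;
	// Role of the authenticated user (self::ADMIN or self::USER), null while anonymous.
	public $strType = null;

	/**
	 * Restores the user from the session, if the session holds one.
	 */
	public function __construct() {
		global $objSession;

		// get the user data from the session
		$cursor = $objSession->query("user");
		if (is_object($cursor) && $cursor->moveToFirst()) {
			$this->blnLoggedIn = true;
			$this->loadFromCursor($cursor);
		} else {
			$this->blnLoggedIn = false;
		}
	}

	/**
	 * Removes the user from the session and resets this object to anonymous.
	 */
	public function logout() {
		global $objSession;
		unset($objSession["user"]);

		// Clear the in-memory identity as well, so a stale ADMIN type cannot
		// be used for an authorization check later in the same request.
		$this->blnLoggedIn = false;
		$this->strName = null;
		$this->strType = null;
	}

	/**
	 * Checks the credentials against `amps_user` and stores the user in the session.
	 *
	 * @param string $username Username as submitted by the client (untrusted).
	 * @param string $password Plain-text password as submitted by the client (untrusted).
	 * @return bool True when the credentials matched a row, false otherwise.
	 */
	public function login($username, $password) {
		global $objDatabase;
		global $objSession;

		// Request parameters can arrive as arrays; only strings are valid credentials.
		if (!is_string($username) || !is_string($password)) {
			return false;
		}

		// The database wrapper only exposes query() with a raw SQL string here,
		// so the values end up inside a quoted literal. A quote or backslash in
		// the username would change the structure of the statement, therefore
		// such input is refused before any SQL is built.
		// NOTE(review): this is a stop-gap. The durable fix is bound parameters
		// in the database wrapper, which is not visible from this file.
		if (strpbrk($username, "'\\") !== false) {
			return false;
		}

		// Hash in PHP instead of passing the raw password to SHA1() in SQL:
		// the digest consists of hex characters only, so it cannot alter the query.
		// NOTE(review): unsalted SHA-1 is not suitable for password storage.
		// Moving to password_hash()/password_verify() needs a schema migration.
		$passwordDigest = sha1($password);

		// get the user by username & password
		$sql = "SELECT * FROM `amps_user` WHERE `username` = '" . $username . "' AND `password` = '" . $passwordDigest . "'";

		$cursor = $objDatabase->query($sql);
		if (!is_object($cursor) || !$cursor->moveToFirst()) {
			return false;
		}

		$this->loadFromCursor($cursor);
		$this->blnLoggedIn = true;

		// NOTE(review): if $objSession is backed by PHP's native session, the
		// session ID should be regenerated at this point (session fixation).
		$objSession["user"] = array("username" => $this->strName, "type" => $this->strType);
		return true;
	}

	/**
	 * Copies username and type from a positioned cursor row into this object.
	 *
	 * @param mixed $cursor Array-accessible row with the keys "username" and "type".
	 */
	public function loadFromCursor($cursor) {
		$this->strName = $cursor["username"];
		$this->strType = $cursor["type"];
	}
}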

?>